<?php  
	header('Content-Type:applicaion/json');
	require_once(dirname(__FILE__).'/rfc6238/rfc6238.php');

	const username = 'admin';
	const password = 'admin123';

	// 这个32位的随机key是由系统提前生成。并告知用户，建议只给用户展示一次
	// 系统应保证每个用户的key都是唯一的
	const secretkey = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ';

	if(!(isset($_POST['username']) && $_POST['username'] == username)){
		echo json_encode(['code' => 'error','msg' => '账号错误']);	
		return ;
	}

	if(!(isset($_POST['password']) && $_POST['password'] == password)){
		echo json_encode(['code' => 'error','msg' => '密码错误']);	
		return ;
	}

	if (TokenAuth6238::verify(secretkey,$_POST['code'])) {
		echo json_encode(['code' => 'success','msg' => '登录成功']);
		return ;
	} else {
		echo json_encode(['code' => 'error','msg' => '动态口令验证失败']);
		return ;	
	}

			
?>